Processor-based computing platforms are employed in a wide variety of applications, from personal computers (PCs), smartphones, and other information-oriented devices, to industrial controls, vehicles, appliances, consumer electronic articles, and wearable devices, just to name a few. In virtually every application, reliable operation and information security are paramount More recently, with the rising popularity of Internet-of-Things (IoT) devices, entities who own, operate, maintain, or support IoT devices are facing increasing challenges associated with exchanging information remotely with those devices. There is a need for computing platforms to attest the integrity of their hardware, firmware or software.
Conventional remote attestation mechanisms are generally based on either symmetric cryptography or asymmetric cryptography. The symmetric solutions are efficient but depend on pre-sharing a common cryptographic key and do not offer non-repudiation. Conventional asymmetric solutions, which may be based on elliptic curve cryptography (ECC) or Rivest-Shamir-Adleman (RSA) cryptosystems, do not have this limitation but tend to be very inefficient in terms of performance/power, to the point of being impracticable for implementation in computing-constrained platforms such as IoT devices. Another disadvantage of conventional cryptography is that it is vulnerable to the potential risk of quantum-computing attacks, which should be taken into consideration by system designers, particularly because many IoT devices are expected to deployed in the field for a long time, possibly extending into the in a post-quantum-computing era.